<!DOCTYPE html>
<html lang="en">

<head>
  <meta http-equiv="Content-type" content="text/html; charset=utf-8">
  <meta http-equiv="Content-Language" content="en-us">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <title>Snyk test report</title>
  <meta name="description" content="4 known vulnerabilities found in 38 vulnerable dependency paths.">
  <base target="_blank">
  <link rel="icon" type="image/png" href="https://res.cloudinary.com/snyk/image/upload/v1468845142/favicon/favicon.png"
    sizes="194x194">
  <link rel="shortcut icon" href="https://res.cloudinary.com/snyk/image/upload/v1468845142/favicon/favicon.ico">
  <style type="text/css">
  
    body {
      -moz-font-feature-settings: "pnum";
      -webkit-font-feature-settings: "pnum";
      font-variant-numeric: proportional-nums;
      display: flex;
      flex-direction: column;
      font-feature-settings: "pnum";
      font-size: 100%;
      line-height: 1.5;
      min-height: 100vh;
      -webkit-text-size-adjust: 100%;
      margin: 0;
      padding: 0;
      background-color: #F5F5F5;
      font-family: 'Arial', 'Helvetica', Calibri, sans-serif;
    }
  
    h1,
    h2,
    h3,
    h4,
    h5,
    h6 {
      font-weight: 500;
    }
  
    a,
    a:link,
    a:visited {
      border-bottom: 1px solid #4b45a9;
      text-decoration: none;
      color: #4b45a9;
    }
  
    a:hover,
    a:focus,
    a:active {
      border-bottom: 1px solid #4b45a9;
    }
  
    hr {
      border: none;
      margin: 1em 0;
      border-top: 1px solid #c5c5c5;
    }
  
    ul {
      padding: 0 1em;
      margin: 1em 0;
    }
  
    code {
      background-color: #EEE;
      color: #333;
      padding: 0.25em 0.5em;
      border-radius: 0.25em;
    }
  
    pre {
      background-color: #333;
      font-family: monospace;
      padding: 0.5em 1em 0.75em;
      border-radius: 0.25em;
      font-size: 14px;
    }
  
    pre code {
      padding: 0;
      background-color: transparent;
      color: #fff;
    }
  
    a code {
      border-radius: .125rem .125rem 0 0;
      padding-bottom: 0;
      color: #4b45a9;
    }
  
    a[href^="http://"]:after,
    a[href^="https://"]:after {
      background-image: linear-gradient(transparent,transparent),url("data:image/svg+xml,%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%20viewBox%3D%220%200%20112%20109%22%3E%3Cg%20id%3D%22Page-1%22%20fill%3D%22none%22%20fill-rule%3D%22evenodd%22%3E%3Cg%20id%3D%22link-external%22%3E%3Cg%20id%3D%22arrow%22%3E%3Cpath%20id%3D%22Line%22%20stroke%3D%22%234B45A9%22%20stroke-width%3D%2215%22%20d%3D%22M88.5%2021l-43%2042.5%22%20stroke-linecap%3D%22square%22%2F%3E%3Cpath%20id%3D%22Triangle%22%20fill%3D%22%234B45A9%22%20d%3D%22M111.2%200v50L61%200z%22%2F%3E%3C%2Fg%3E%3Cpath%20id%3D%22square%22%20fill%3D%22%234B45A9%22%20d%3D%22M66%2015H0v94h94V44L79%2059v35H15V30h36z%22%2F%3E%3C%2Fg%3E%3C%2Fg%3E%3C%2Fsvg%3E");
      background-repeat: no-repeat;
      background-size: .75rem;
      content: "";
      display: inline-block;
      height: .75rem;
      margin-left: .25rem;
      width: .75rem;
    }
  
  
  /* Layout */
  
    [class*=layout-container] {
      margin: 0 auto;
      max-width: 71.25em;
      padding: 1.9em 1.3em;
      position: relative;
    }
    .layout-container--short {
      padding-top: 0;
      padding-bottom: 0;
      max-width: 48.75em;
    }
  
    .layout-container--short:after {
      display: block;
      content: "";
      clear: both;
    }
  
  /* Header */
  
    .header {
      padding-bottom: 1px;
    }
  
    .paths {
      margin-left: 8px;
    }
    .header-wrap {
      display: flex;
      flex-direction: row;
      justify-content: space-between;
      padding-top: 2em;
    }
    .project__header {
      background-color: #030328;
      color: #fff;
      margin-bottom: -1px;
      padding-top: 1em;
      padding-bottom: 0.25em;
      border-bottom: 2px solid #BBB;
    }
  
    .project__header__title {
      overflow-wrap: break-word;
      word-wrap: break-word;
      word-break: break-all;
      margin-bottom: .1em;
      margin-top: 0;
    }
  
    .timestamp {
      float: right;
      clear: none;
      margin-bottom: 0;
    }
  
    .meta-counts {
      clear: both;
      display: block;
      flex-wrap: wrap;
      justify-content: space-between;
      margin: 0 0 1.5em;
      color: #fff;
      clear: both;
      font-size: 1.1em;
    }
  
    .meta-count {
      display: block;
      flex-basis: 100%;
      margin: 0 1em 1em 0;
      float: left;
      padding-right: 1em;
      border-right: 2px solid #fff;
    }
  
    .meta-count:last-child {
      border-right: 0;
      padding-right: 0;
      margin-right: 0;
    }
  
  /* Card */
  
    .card {
      background-color: #fff;
      border: 1px solid #c5c5c5;
      border-radius: .25rem;
      margin: 0 0 2em 0;
      position: relative;
      min-height: 40px;
      padding: 1.5em;
    }
  
    .card__labels {
      position: absolute;
      top: 1.1em;
      left: 0;
      display: flex;
      align-items: center;
      gap: 8px;
    }
  
    .card .label {
      background-color: #767676;
      border: 2px solid #767676;
      color: white;
      padding: 0.25rem 0.75rem;
      font-size: 0.875rem;
      text-transform: uppercase;
      display: inline-block;
      margin: 0;
      border-radius: 0.25rem;
    }
  
    .card .label__text {
      vertical-align: text-top;
        font-weight: bold;
    }
  
    .card .label--critical {
      background-color: #AB1A1A;
      border-color: #AB1A1A;
    }
  
    .card .label--high {
      background-color: #CE5019;
      border-color: #CE5019;
    }
  
    .card .label--medium {
      background-color: #D68000;
      border-color: #D68000;
    }
  
    .card .label--low {
      background-color: #88879E;
      border-color: #88879E;
    }
  
    .severity--low {
      border-color: #88879E;
    }
  
    .severity--medium {
      border-color: #D68000;
    }
  
    .severity--high {
      border-color: #CE5019;
    }
  
    .severity--critical {
      border-color: #AB1A1A;
    }
  
    .card--vuln {
      padding-top: 4em;
    }
  
    .card--vuln .card__labels > .label:first-child {
      padding-left: 1.9em;
      padding-right: 1.9em;
      border-radius: 0 0.25rem 0.25rem 0;
    }
  
    .card--vuln .card__section h2 {
      font-size: 22px;
      margin-bottom: 0.5em;
    }
  
    .card--vuln .card__section p {
      margin: 0 0 0.5em 0;
    }
  
    .card--vuln .card__meta {
      padding: 0 0 0 1em;
      margin: 0;
      font-size: 1.1em;
    }
  
    .card .card__meta__paths {
      font-size: 0.9em;
    }
  
    .card--vuln .card__title {
      font-size: 28px;
      margin-top: 0;
      margin-right: 100px; /* Ensure space for the risk score */
    }
  
    .card--vuln .card__cta p {
      margin: 0;
      text-align: right;
    }
  
    .risk-score-display {
      position: absolute;
      top: 1.5em;
      right: 1.5em;
      text-align: right;
      z-index: 10;
    }
  
    .risk-score-display__label {
      font-size: 0.7em;
      font-weight: bold;
      color: #586069;
      text-transform: uppercase;
      line-height: 1;
      margin-bottom: 3px;
    }
  
    .risk-score-display__value {
      font-size: 1.9em;
      font-weight: 600;
      color: #24292e;
      line-height: 1;
    }
  
    .source-panel {
      clear: both;
      display: flex;
      justify-content: flex-start;
      flex-direction: column;
      align-items: flex-start;
      padding: 0.5em 0;
      width: fit-content;
    }
  
  
  
  </style>
  <style type="text/css">
    .metatable {
      text-size-adjust: 100%;
      -webkit-font-smoothing: antialiased;
      -webkit-box-direction: normal;
      color: inherit;
      font-feature-settings: "pnum";
      box-sizing: border-box;
      background: transparent;
      border: 0;
      font: inherit;
      font-size: 100%;
      margin: 0;
      outline: none;
      padding: 0;
      text-align: left;
      text-decoration: none;
      vertical-align: baseline;
      z-index: auto;
      margin-top: 12px;
      border-collapse: collapse;
      border-spacing: 0;
      font-variant-numeric: tabular-nums;
      max-width: 51.75em;
    }
  
    tbody {
      text-size-adjust: 100%;
      -webkit-font-smoothing: antialiased;
      -webkit-box-direction: normal;
      color: inherit;
      font-feature-settings: "pnum";
      border-collapse: collapse;
      border-spacing: 0;
      box-sizing: border-box;
      background: transparent;
      border: 0;
      font: inherit;
      font-size: 100%;
      margin: 0;
      outline: none;
      padding: 0;
      text-align: left;
      text-decoration: none;
      vertical-align: baseline;
      z-index: auto;
      display: flex;
      flex-wrap: wrap;
    }
  
    .meta-row {
      text-size-adjust: 100%;
      -webkit-font-smoothing: antialiased;
      -webkit-box-direction: normal;
      color: inherit;
      font-feature-settings: "pnum";
      border-collapse: collapse;
      border-spacing: 0;
      box-sizing: border-box;
      background: transparent;
      border: 0;
      font: inherit;
      font-size: 100%;
      outline: none;
      text-align: left;
      text-decoration: none;
      vertical-align: baseline;
      z-index: auto;
      display: flex;
      align-items: start;
      border-top: 1px solid #d3d3d9;
      padding: 8px 0 0 0;
      border-bottom: none;
      margin: 8px;
      width: 47.75%;
    }
  
    .meta-row-label {
      text-size-adjust: 100%;
      -webkit-font-smoothing: antialiased;
      -webkit-box-direction: normal;
      font-feature-settings: "pnum";
      border-collapse: collapse;
      border-spacing: 0;
      color: #4c4a73;
      box-sizing: border-box;
      background: transparent;
      border: 0;
      font: inherit;
      margin: 0;
      outline: none;
      text-decoration: none;
      z-index: auto;
      align-self: start;
      flex: 1;
      font-size: 1rem;
      line-height: 1.5rem;
      padding: 0;
      text-align: left;
      vertical-align: top;
      text-transform: none;
      letter-spacing: 0;
    }
  
    .meta-row-value {
      text-size-adjust: 100%;
      -webkit-font-smoothing: antialiased;
      -webkit-box-direction: normal;
      color: inherit;
      font-feature-settings: "pnum";
      border-collapse: collapse;
      border-spacing: 0;
      word-break: break-word;
      box-sizing: border-box;
      background: transparent;
      border: 0;
      font: inherit;
      font-size: 100%;
      margin: 0;
      outline: none;
      padding: 0;
      text-align: right;
      text-decoration: none;
      vertical-align: baseline;
      z-index: auto;
    }
  </style>
</head>

<body class="section-projects">
  <main class="layout-stacked">
        <div class="layout-stacked__header header">
          <header class="project__header">
            <div class="layout-container">
              <a class="brand" href="https://snyk.io" title="Snyk">
                <svg width="68px" height="35px" viewBox="0 0 68 35" version="1.1" xmlns="http://www.w3.org/2000/svg" role="img">
                  <title>Snyk - Open Source Security</title>
                  <g stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
                    <g fill="#fff">
                      <path d="M5.732,27.278 C3.445,27.278 1.589,26.885 0,26.124 L0.483,22.472 C2.163,23.296 4.056,23.689 5.643,23.689 C6.801,23.689 7.563,23.295 7.563,22.599 C7.563,20.594 0.333,21.076 0.333,15.839 C0.333,12.491 3.407,10.729 7.259,10.729 C9.179,10.729 11.161,11.249 12.444,11.704 L11.924,15.294 C10.577,14.774 8.747,14.291 7.222,14.291 C6.282,14.291 5.518,14.621 5.518,15.231 C5.518,17.208 12.903,16.815 12.903,21.925 C12.903,25.325 9.877,27.277 5.733,27.277 L5.732,27.278 Z M25.726,26.936 L25.726,17.894 C25.726,15.827 24.811,14.85 23.069,14.85 C22.219,14.85 21.329,15.09 20.719,15.46 L20.719,26.936 L15.352,26.936 L15.352,11.262 L20.602,10.83 L20.474,13.392 L20.652,13.392 C21.784,11.87 23.702,10.716 25.992,10.716 C28.736,10.716 31.112,12.416 31.112,16.436 L31.112,26.936 L25.724,26.936 L25.726,26.936 Z M61.175,26.936 L56.879,19.479 L56.446,19.479 L56.446,26.935 L51.082,26.935 L51.082,8.37 L56.447,0 L56.447,17.323 C57.515,16.017 61.112,11.059 61.112,11.059 L67.732,11.059 L61.454,17.689 L67.949,26.95 L61.175,26.95 L61.175,26.938 L61.175,26.936 Z M44.13,11.11 L41.93,18.262 C41.5,19.606 41.08,22.079 41.08,22.079 C41.08,22.079 40.75,19.516 40.292,18.172 L37.94,11.108 L31.928,11.108 L38.462,26.935 C37.572,29.04 36.199,30.815 34.369,30.815 C34.039,30.815 33.709,30.802 33.389,30.765 L31.255,34.061 C31.928,34.441 33.212,34.835 34.737,34.835 C38.703,34.835 41.359,31.627 43.215,26.885 L49.443,11.108 L44.132,11.108 L44.13,11.11 Z"></path>
                    </g>
                  </g>
                </svg>
              </a>
              <div class="header-wrap">
                  <h1 class="project__header__title">Snyk test report</h1>
    
                <p class="timestamp">September 28th 2025, 12:33:56 am (UTC+00:00)</p>
              </div>
              <div class="source-panel">
                <span>Scanned the following paths:</span>
                <ul>
                  <li class="paths">public.ecr.aws/docker/library/redis:7.0.15-alpine/docker/library/redis (apk)</li>
                  <li class="paths">public.ecr.aws/docker/library/redis:7.0.15-alpine/tianon/gosu//usr/local/bin/gosu (gomodules)</li>
                </ul>
              </div>
    
              <div class="meta-counts">
                <div class="meta-count"><span>4</span> <span>known vulnerabilities</span></div>
                <div class="meta-count"><span>38 vulnerable dependency paths</span></div>
                <div class="meta-count"><span>18</span> <span>dependencies</span></div>
              </div><!-- .meta-counts -->
            </div><!-- .layout-container--short -->
          </header><!-- .project__header -->
        </div><!-- .layout-stacked__header -->

    <div class="layout-container" style="padding-top: 35px;">
      <div class="cards--vuln filter--patch filter--ignore">
        <div class="card card--vuln  disclosure--not-new severity--low" data-snyk-test="low">
            <h2 class="card__title">CVE-2024-9143</h2>
            <div class="card__section">
        
                <div class="card__labels">
                    <div class="label label--low">
                        <span class="label__text">low severity</span>
                    </div>
                </div>
        
                <hr/>
        
                <ul class="card__meta">
                    <li class="card__meta__item">
                        Package Manager: alpine:3.20
                    </li>
                    <li class="card__meta__item">
                            Vulnerable module:
        
                            openssl/libcrypto3
                    </li>
        
                    <li class="card__meta__item">Introduced through:
        
                                docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine and openssl/libcrypto3@3.3.2-r0
        
                    </li>
                </ul>
        
                <hr/>
        
        
                        <h3 class="card__section__title">Detailed paths</h3>
        
                    <ul class="card__meta__paths">
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        apk-tools/apk-tools@2.14.4-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        busybox/ssl_client@1.36.1-r29
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        apk-tools/apk-tools@2.14.4-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        busybox/ssl_client@1.36.1-r29
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                    </ul><!-- .list-paths -->
        
            </div><!-- .card__section -->
        
              <hr/>
              <!-- Overview -->
              <h2 id="nvd-description">NVD Description</h2>
        <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>openssl</code> package and not the <code>openssl</code> package as distributed by <code>Alpine</code>.</em>
        <em>See <code>How to fix?</code> for <code>Alpine:3.20</code> relevant fixed versions and status.</em></p>
        <p>Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted
        explicit values for the field polynomial can lead to out-of-bounds memory reads
        or writes.</p>
        <p>Impact summary: Out of bound memory writes can lead to an application crash or
        even a possibility of a remote code execution, however, in all the protocols
        involving Elliptic Curve Cryptography that we&#39;re aware of, either only &#34;named
        curves&#34; are supported, or, if explicit curve parameters are supported, they
        specify an X9.62 encoding of binary (GF(2^m)) curves that can&#39;t represent
        problematic input values. Thus the likelihood of existence of a vulnerable
        application is low.</p>
        <p>In particular, the X9.62 encoding is used for ECC keys in X.509 certificates,
        so problematic inputs cannot occur in the context of processing X.509
        certificates.  Any problematic use-cases would have to be using an &#34;exotic&#34;
        curve encoding.</p>
        <p>The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(),
        and various supporting BN_GF2m_*() functions.</p>
        <p>Applications working with &#34;exotic&#34; explicit binary (GF(2^m)) curve parameters,
        that make it possible to represent invalid field polynomials with a zero
        constant term, via the above or similar APIs, may terminate abruptly as a
        result of reading or writing outside of array bounds.  Remote code execution
        cannot easily be ruled out.</p>
        <p>The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.</p>
        <h2 id="remediation">Remediation</h2>
        <p>Upgrade <code>Alpine:3.20</code> <code>openssl</code> to version 3.3.2-r3 or higher.</p>
        <h2 id="references">References</h2>
        <ul>
        <li><a href="https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712">https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712</a></li>
        <li><a href="https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700">https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700</a></li>
        <li><a href="https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4">https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4</a></li>
        <li><a href="https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154">https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154</a></li>
        <li><a href="https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a">https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a</a></li>
        <li><a href="https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41">https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41</a></li>
        <li><a href="https://openssl-library.org/news/secadv/20241016.txt">https://openssl-library.org/news/secadv/20241016.txt</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2024/10/16/1">http://www.openwall.com/lists/oss-security/2024/10/16/1</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2024/10/23/1">http://www.openwall.com/lists/oss-security/2024/10/23/1</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2024/10/24/1">http://www.openwall.com/lists/oss-security/2024/10/24/1</a></li>
        <li><a href="https://security.netapp.com/advisory/ntap-20241101-0001/">https://security.netapp.com/advisory/ntap-20241101-0001/</a></li>
        </ul>
        
              <hr/>
        
            <div class="cta card__cta">
                <p><a href="https://snyk.io/vuln/SNYK-ALPINE320-OPENSSL-8235201">More about this vulnerability</a></p>
            </div>
        
        </div><!-- .card -->
        <div class="card card--vuln  disclosure--not-new severity--low" data-snyk-test="low">
            <h2 class="card__title">CVE-2024-13176</h2>
            <div class="card__section">
        
                <div class="card__labels">
                    <div class="label label--low">
                        <span class="label__text">low severity</span>
                    </div>
                </div>
        
                <hr/>
        
                <ul class="card__meta">
                    <li class="card__meta__item">
                        Package Manager: alpine:3.20
                    </li>
                    <li class="card__meta__item">
                            Vulnerable module:
        
                            openssl/libcrypto3
                    </li>
        
                    <li class="card__meta__item">Introduced through:
        
                                docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine and openssl/libcrypto3@3.3.2-r0
        
                    </li>
                </ul>
        
                <hr/>
        
        
                        <h3 class="card__section__title">Detailed paths</h3>
        
                    <ul class="card__meta__paths">
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        apk-tools/apk-tools@2.14.4-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        busybox/ssl_client@1.36.1-r29
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        apk-tools/apk-tools@2.14.4-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        busybox/ssl_client@1.36.1-r29
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                    </ul><!-- .list-paths -->
        
            </div><!-- .card__section -->
        
              <hr/>
              <!-- Overview -->
              <h2 id="nvd-description">NVD Description</h2>
        <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>openssl</code> package and not the <code>openssl</code> package as distributed by <code>Alpine</code>.</em>
        <em>See <code>How to fix?</code> for <code>Alpine:3.20</code> relevant fixed versions and status.</em></p>
        <p>Issue summary: A timing side-channel which could potentially allow recovering
        the private key exists in the ECDSA signature computation.</p>
        <p>Impact summary: A timing side-channel in ECDSA signature computations
        could allow recovering the private key by an attacker. However, measuring
        the timing would require either local access to the signing application or
        a very fast network connection with low latency.</p>
        <p>There is a timing signal of around 300 nanoseconds when the top word of
        the inverted ECDSA nonce value is zero. This can happen with significant
        probability only for some of the supported elliptic curves. In particular
        the NIST P-521 curve is affected. To be able to measure this leak, the attacker
        process must either be located in the same physical computer or must
        have a very fast network connection with low latency. For that reason
        the severity of this vulnerability is Low.</p>
        <p>The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.</p>
        <h2 id="remediation">Remediation</h2>
        <p>Upgrade <code>Alpine:3.20</code> <code>openssl</code> to version 3.3.2-r2 or higher.</p>
        <h2 id="references">References</h2>
        <ul>
        <li><a href="https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844">https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844</a></li>
        <li><a href="https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467">https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467</a></li>
        <li><a href="https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902">https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902</a></li>
        <li><a href="https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65">https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65</a></li>
        <li><a href="https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f">https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f</a></li>
        <li><a href="https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded">https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded</a></li>
        <li><a href="https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86">https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86</a></li>
        <li><a href="https://openssl-library.org/news/secadv/20250120.txt">https://openssl-library.org/news/secadv/20250120.txt</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2025/01/20/2">http://www.openwall.com/lists/oss-security/2025/01/20/2</a></li>
        <li><a href="https://security.netapp.com/advisory/ntap-20250124-0005/">https://security.netapp.com/advisory/ntap-20250124-0005/</a></li>
        <li><a href="https://security.netapp.com/advisory/ntap-20250418-0010/">https://security.netapp.com/advisory/ntap-20250418-0010/</a></li>
        <li><a href="https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html">https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html</a></li>
        </ul>
        
              <hr/>
        
            <div class="cta card__cta">
                <p><a href="https://snyk.io/vuln/SNYK-ALPINE320-OPENSSL-8690013">More about this vulnerability</a></p>
            </div>
        
        </div><!-- .card -->
        <div class="card card--vuln  disclosure--not-new severity--low" data-snyk-test="low">
            <h2 class="card__title">CVE-2024-12797</h2>
            <div class="card__section">
        
                <div class="card__labels">
                    <div class="label label--low">
                        <span class="label__text">low severity</span>
                    </div>
                </div>
        
                <hr/>
        
                <ul class="card__meta">
                    <li class="card__meta__item">
                        Package Manager: alpine:3.20
                    </li>
                    <li class="card__meta__item">
                            Vulnerable module:
        
                            openssl/libcrypto3
                    </li>
        
                    <li class="card__meta__item">Introduced through:
        
                                docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine and openssl/libcrypto3@3.3.2-r0
        
                    </li>
                </ul>
        
                <hr/>
        
        
                        <h3 class="card__section__title">Detailed paths</h3>
        
                    <ul class="card__meta__paths">
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        apk-tools/apk-tools@2.14.4-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        busybox/ssl_client@1.36.1-r29
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        apk-tools/apk-tools@2.14.4-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        busybox/ssl_client@1.36.1-r29
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                        
                                </span>
        
                            </li>
                    </ul><!-- .list-paths -->
        
            </div><!-- .card__section -->
        
              <hr/>
              <!-- Overview -->
              <h2 id="nvd-description">NVD Description</h2>
        <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>openssl</code> package and not the <code>openssl</code> package as distributed by <code>Alpine</code>.</em>
        <em>See <code>How to fix?</code> for <code>Alpine:3.20</code> relevant fixed versions and status.</em></p>
        <p>Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a
        server may fail to notice that the server was not authenticated, because
        handshakes don&#39;t abort as expected when the SSL_VERIFY_PEER verification mode
        is set.</p>
        <p>Impact summary: TLS and DTLS connections using raw public keys may be
        vulnerable to man-in-middle attacks when server authentication failure is not
        detected by clients.</p>
        <p>RPKs are disabled by default in both TLS clients and TLS servers.  The issue
        only arises when TLS clients explicitly enable RPK use by the server, and the
        server, likewise, enables sending of an RPK instead of an X.509 certificate
        chain.  The affected clients are those that then rely on the handshake to
        fail when the server&#39;s RPK fails to match one of the expected public keys,
        by setting the verification mode to SSL_VERIFY_PEER.</p>
        <p>Clients that enable server-side raw public keys can still find out that raw
        public key verification failed by calling SSL_get_verify_result(), and those
        that do, and take appropriate action, are not affected.  This issue was
        introduced in the initial implementation of RPK support in OpenSSL 3.2.</p>
        <p>The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.</p>
        <h2 id="remediation">Remediation</h2>
        <p>Upgrade <code>Alpine:3.20</code> <code>openssl</code> to version 3.3.3-r0 or higher.</p>
        <h2 id="references">References</h2>
        <ul>
        <li><a href="https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9">https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9</a></li>
        <li><a href="https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7">https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7</a></li>
        <li><a href="https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699">https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699</a></li>
        <li><a href="https://openssl-library.org/news/secadv/20250211.txt">https://openssl-library.org/news/secadv/20250211.txt</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2025/02/11/3">http://www.openwall.com/lists/oss-security/2025/02/11/3</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2025/02/11/4">http://www.openwall.com/lists/oss-security/2025/02/11/4</a></li>
        <li><a href="https://security.netapp.com/advisory/ntap-20250214-0001/">https://security.netapp.com/advisory/ntap-20250214-0001/</a></li>
        </ul>
        
              <hr/>
        
            <div class="cta card__cta">
                <p><a href="https://snyk.io/vuln/SNYK-ALPINE320-OPENSSL-8710359">More about this vulnerability</a></p>
            </div>
        
        </div><!-- .card -->
        <div class="card card--vuln  disclosure--not-new severity--low" data-snyk-test="low">
            <h2 class="card__title">CVE-2025-26519</h2>
            <div class="card__section">
        
                <div class="card__labels">
                    <div class="label label--low">
                        <span class="label__text">low severity</span>
                    </div>
                </div>
        
                <hr/>
        
                <ul class="card__meta">
                    <li class="card__meta__item">
                        Package Manager: alpine:3.20
                    </li>
                    <li class="card__meta__item">
                            Vulnerable module:
        
                            musl/musl
                    </li>
        
                    <li class="card__meta__item">Introduced through:
        
                                docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine and musl/musl@1.2.5-r0
        
                    </li>
                </ul>
        
                <hr/>
        
        
                        <h3 class="card__section__title">Detailed paths</h3>
        
                    <ul class="card__meta__paths">
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl@1.2.5-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl@1.2.5-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        apk-tools/apk-tools@2.14.4-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl@1.2.5-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        busybox/ssl_client@1.36.1-r29
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl@1.2.5-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl-utils@1.2.5-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl@1.2.5-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libcrypto3@3.3.2-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl@1.2.5-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        .redis-rundeps@20240906.232324
                                         <span class="list-paths__item__arrow">›</span> 
                                        openssl/libssl3@3.3.2-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl@1.2.5-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        apk-tools/apk-tools@2.14.4-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        zlib/zlib@1.3.1-r1
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl@1.2.5-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl-utils@1.2.5-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        pax-utils/scanelf@1.3.7-r2
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl@1.2.5-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        alpine-baselayout/alpine-baselayout@3.6.5-r0
                                         <span class="list-paths__item__arrow">›</span> 
                                        busybox/busybox-binsh@1.36.1-r29
                                         <span class="list-paths__item__arrow">›</span> 
                                        busybox/busybox@1.36.1-r29
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl@1.2.5-r0
                                        
                                </span>
        
                            </li>
                                <li>
                                <span class="list-paths__item__introduced"><em>Introduced through</em>:
                                        docker-image|public.ecr.aws/docker/library/redis@7.0.15-alpine
                                         <span class="list-paths__item__arrow">›</span> 
                                        musl/musl-utils@1.2.5-r0
                                        
                                </span>
        
                            </li>
                    </ul><!-- .list-paths -->
        
            </div><!-- .card__section -->
        
              <hr/>
              <!-- Overview -->
              <h2 id="nvd-description">NVD Description</h2>
        <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>musl</code> package and not the <code>musl</code> package as distributed by <code>Alpine</code>.</em>
        <em>See <code>How to fix?</code> for <code>Alpine:3.20</code> relevant fixed versions and status.</em></p>
        <p>musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8.</p>
        <h2 id="remediation">Remediation</h2>
        <p>Upgrade <code>Alpine:3.20</code> <code>musl</code> to version 1.2.5-r1 or higher.</p>
        <h2 id="references">References</h2>
        <ul>
        <li><a href="https://git.musl-libc.org/cgit/musl/commit/?id=c47ad25ea3b484e10326f933e927c0bc8cded3da">https://git.musl-libc.org/cgit/musl/commit/?id=c47ad25ea3b484e10326f933e927c0bc8cded3da</a></li>
        <li><a href="https://git.musl-libc.org/cgit/musl/commit/?id=e5adcd97b5196e29991b524237381a0202a60659">https://git.musl-libc.org/cgit/musl/commit/?id=e5adcd97b5196e29991b524237381a0202a60659</a></li>
        <li><a href="https://www.openwall.com/lists/oss-security/2025/02/13/2">https://www.openwall.com/lists/oss-security/2025/02/13/2</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2025/02/13/2">http://www.openwall.com/lists/oss-security/2025/02/13/2</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2025/02/13/3">http://www.openwall.com/lists/oss-security/2025/02/13/3</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2025/02/13/4">http://www.openwall.com/lists/oss-security/2025/02/13/4</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2025/02/13/5">http://www.openwall.com/lists/oss-security/2025/02/13/5</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2025/02/14/5">http://www.openwall.com/lists/oss-security/2025/02/14/5</a></li>
        <li><a href="http://www.openwall.com/lists/oss-security/2025/02/14/6">http://www.openwall.com/lists/oss-security/2025/02/14/6</a></li>
        </ul>
        
              <hr/>
        
            <div class="cta card__cta">
                <p><a href="https://snyk.io/vuln/SNYK-ALPINE320-MUSL-8720638">More about this vulnerability</a></p>
            </div>
        
        </div><!-- .card -->
      </div><!-- cards -->
    </div>
  </main><!-- .layout-stacked__content -->
</body>

</html>
